-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2017/dsa-3930.wml 2017-08-10 21:16:08.000000000 +0500 +++ russian/security/2017/dsa-3930.wml 2017-08-10 21:20:43.503619392 +0500 @@ -1,32 +1,33 @@ - -<define-tag description>security update</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>обновление безопаÑноÑÑи</define-tag> <define-tag moreinfo> - -<p>Guido Vranken discovered that FreeRADIUS, an open source - -implementation of RADIUS, the IETF protocol for AAA (Authorisation, - -Authentication, and Accounting), did not properly handle memory when - -processing packets. This would allow a remote attacker to cause a - -denial-of-service by application crash, or potentially execute - -arbitrary code.</p> +<p>Ðвидо ÐÑанкен обнаÑÑжил, ÑÑо FreeRADIUS, ÑеализаÑÐ¸Ñ RADIUS, пÑоÑокола +IETF Ð´Ð»Ñ AAA (авÑоÑизаÑии, аÑÑенÑиÑикаÑии и ÑÑÑÑа), Ñ Ð¾ÑкÑÑÑÑм иÑÑ Ð¾Ð´Ð½Ñм кодом, +непÑавилÑно ÑабоÑÐ°ÐµÑ Ñ Ð¿Ð°Ð¼ÑÑÑÑ Ð¿Ñи обÑабоÑке +пакеÑов. ÐÑо Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ ÑдалÑÐ½Ð½Ð¾Ð¼Ñ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÑзваÑÑ +оÑказ в обÑлÑживании из-за аваÑийного завеÑÑÐµÐ½Ð¸Ñ ÑабоÑÑ Ð¿ÑиложениÑ, либо поÑенÑиалÑном +вÑполниÑÑ Ð¿ÑоизволÑнÑй код.</p> - -<p>All those issues are covered by this single DSA, but it's worth noting - -that not all issues affect all releases:</p> +<p>ÐÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² одной ÑекомендаÑии по безопаÑноÑÑи Debian, но ÑледÑÐµÑ Ð·Ð°Ð¼ÐµÑиÑÑ, +ÑÑо не вÑе пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð°ÐºÑÑалÑÐ½Ñ Ð´Ð»Ñ Ð²ÑÐµÑ Ð²ÑпÑÑков:</p> <ul> - - <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10978">CVE-2017-10978</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2017-10983">CVE-2017-10983</a> affect both jessie and stretch;</li> + <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10978">CVE-2017-10978</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2017-10983">CVE-2017-10983</a> каÑаÑÑÑÑ jessie и stretch;</li> - - <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10979">CVE-2017-10979</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10980">CVE-2017-10980</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10981">CVE-2017-10981</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2017-10982">CVE-2017-10982</a> affect only jessie;</li> + <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10979">CVE-2017-10979</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10980">CVE-2017-10980</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10981">CVE-2017-10981</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2017-10982">CVE-2017-10982</a> каÑаÑÑÑÑ ÑолÑко jessie;</li> - - <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10984">CVE-2017-10984</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10985">CVE-2017-10985</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10986">CVE-2017-10986</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2017-10987">CVE-2017-10987</a> affect only stretch.</li> + <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-10984">CVE-2017-10984</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10985">CVE-2017-10985</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2017-10986">CVE-2017-10986</a> и <a href="https://security-tracker.debian.org/tracker/CVE-2017-10987">CVE-2017-10987</a> каÑаÑÑÑÑ ÑолÑко stretch.</li> </ul> - -<p>For the oldstable distribution (jessie), these problems have been fixed - -in version 2.2.5+dfsg-0.2+deb8u1.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (jessie) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ +в веÑÑии 2.2.5+dfsg-0.2+deb8u1.</p> - -<p>For the stable distribution (stretch), these problems have been fixed in - -version 3.0.12+dfsg-5+deb9u1.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (stretch) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 3.0.12+dfsg-5+deb9u1.</p> - -<p>We recommend that you upgrade your freeradius packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ freeradius.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3mumcdV9mwCc9oZQXudu4gIW0qUFAlmMh94ACgkQXudu4gIW 0qUw0Q/+Pv1A9TNIpc+yyE42zZdU3wuPB5I393mRK4UM1I7jXe1KclaHvR1DmCD0 7mgJPSfXHdn6RwpHxlkxUdTr8MomTD7S6NG9df7KKuxhOdz1gvMvDbI3Hbwy1Uzn dtVWFoIeQlc84/DI1gxR/q5AbcZNdMvA77o57HGgOpnCaLRBq0E4dmhVtfdpXZxz J3P6eW7pjIHb5jYc5qGEsBPQ2HkHawe1iMaPZcDMQHJ+BL3D3rKWHQAG6bD6FVT9 KGNqesD64Gwv+SrwX0oUeaWfIhWBzkSXKnzLokIWPw3k/b2HlUP9isxJRzjZt+MT SH8E42K+F+URArzJ7wu8rdw2svXxNUmcse6AiwxiTK5EBmN9Ui4B921Fdl9oGKcu zhQvT1+S49E3MCmcucqYKiPilq8XU5SYEArlqN+K1ZbpZIkknJqPjaZbIFFmQ650 vfOpgl6r+jVBJcwy+cJh60t7vHEWiqLYMi50ewiD+xdXvUPZQi33fJuA4mF6dKQB ej07NsBkWXQEFRT21Zz3BQj6LmU5+7zG2k5auZDZBwXeSoK/9ft7l6v9lck4S4is 4wrrlHxiuYIt/s54sWBuTZEXAleSMoXEKSZCg6YD8cj0l1Ux4N4uiDIQwvmRf3s6 63XJLokHVGkNisYAa4mK7VggJlHukuXXJKXqJ/pCl7hXSkJQixM= =I+ZS -----END PGP SIGNATURE-----